<%@ page language="java" contentType="text/html; charset=US-ASCII"
	pageEncoding="US-ASCII"%>
<%@ page import="java.sql.*"%>
<%@ page import="java.util.Vector"%>
<%@ page import="ca.radiologydb.util.Template"%>
<%@ page import="ca.radiologydb.util.ConnectionManager"%>

<%
	Template template = new Template(this.getServletContext()
			.getRealPath("/").toString());
	out.println(template.getTemplateTop());
	if (session.getAttribute("username") == null
			|| session.getAttribute("usertype") == null) {
		out.println("Cannot display results as you're not logged in, or do not have the proper permissions.");
		out.println("<a href='login.jsp'>Login</a>");
	} else if (!session.getAttribute("usertype").equals("a")) {
		out.println("Cannot display results as you're not logged in, or do not have the proper permissions.");
		out.println("<a href='login.jsp'>Login</a>");

	} else {

		ConnectionManager manager = new ConnectionManager();
		Connection conn = manager.getConnection();

		String username = request.getParameter("u");
		if (username == null) {
			out.println("<h3>ERROR: No User Specified.</h3>");

		} else {

			Statement stmt = null;
			ResultSet rset = null;
			

			String sql = "SELECT u.user_name, p.first_name, p.last_name, p.address, p.email, p.phone FROM users u, persons p ";
			sql += "WHERE u.user_name='" + username
					+ "' AND p.user_name='" + username + "'";

			out.println("<h3>Editing User "+username+"</h3>");
			out.println("<h4>Personal Information</h4>");
			out.println("<div class='form'>");

			try {
				stmt = conn.createStatement();
				rset = stmt.executeQuery(sql);
			} catch (Exception ex) {
				out.println("<hr>" + ex.getMessage() + "<hr>");
			}

			if (rset.next()) {
				//Get user's information and display it
				String firstname = rset.getString("first_name");
				String lastname = rset.getString("last_name");
				String phone = rset.getString("phone");
				String address = rset.getString("address");
				String email = rset.getString("email");
				
				out.println("<form method='GET' action='update_user.jsp'>");
				
				//Hide username - user cannot change it anyway
				out.println("<input type='hidden' value='"+username+"' hidden='true' name='username' />");

				out.println("<h4>First Name</h4>");
				out.println("<input type='text' value='" + firstname
						+ "' name='firstname' />");

				out.println("<h4>Last Name</h4>");
				out.println("<input type='text' value='" + lastname
						+ "' name='lastname' />");

				out.println("<h4>Address</h4>");
				out.println("<input type='text' value='" + address
						+ "' name='address' />");

				out.println("<h4>Phone Number</h4>");
				out.println("<input type='text' value='" + phone
						+ "' name='phone' />");

				out.println("<h4>E-Mail Address</h4>");
				out.println("<input type='text' value='" + email
						+ "' name='email' />");

				out.println("<br /><br /><input type='submit' value='Submit All Changes' />");
				out.println("</form>");
				
				//Get ALL the user's doctors! 
				sql = "SELECT doctor_name FROM family_doctor ";
				sql += "WHERE patient_name='" +username+ "'";
				//ALL the doctors?

				try {
					stmt = conn.createStatement();
					rset = stmt.executeQuery(sql);
				} catch (Exception ex) {
					out.println("<hr>" + ex.getMessage() + "<hr>");
				}
				
				out.println("</div>");
				out.println("<h4>Current Family Doctor(s)</h4>");
				out.println("<div class='form'>");
				out.println("<table><tr><th>Doctor Username</th><th>Remove?</th>");
				
				Vector<String> user_doctors = new Vector<String>();
				
				// Display the user's current doctors, with the option to remove them if they want.
				while(rset != null && rset.next()) {
					user_doctors.add(rset.getString("doctor_name"));
					out.println("<tr><td>"+rset.getString("doctor_name")+"</td><td><a href='remove_doctor.jsp?d="+rset.getString("doctor_name")+"&u="+username+"'>Remove</a></td></tr>");
					
				}
				
				out.println("</table><br /><br />");
				
				sql =  "SELECT u.user_name FROM users u WHERE u.class='d'";


				try {
					stmt = conn.createStatement();
					rset = stmt.executeQuery(sql);
				} catch (Exception ex) {
					out.println("<hr>" + ex.getMessage() + "<hr>");
				}
				
				out.println("</div>");
				out.println("<h4>Add Family Doctor</h4>");
				out.println("<div class='form'>");
				out.println("<form method='GET' action='add_doctor.jsp'>");
				out.println("<input type='hidden' hidden='true' name='username' value='"+username+"' />");
				out.println("<select id='doctor' name='doctor'>");
				
				while(rset != null && rset.next()) {
					//Don't allow a doctor to be added when they are already a user's doctor
					if(!(user_doctors.contains(rset.getString("user_name")))){
						out.println("<option value='"+rset.getString("user_name")+"'>"+rset.getString("user_name")+"</option>");
					}
					
				}
				
				out.println("</select>");
				out.println("<input type='submit' value='Add Doctor' />");
				out.println("</form></div>");
			} 
			
			else {
				out.println("<h3>No valid user defined!</h3>"); 
			}
			stmt.close();
			manager.closeConnection();
		}
	}

	out.println(template.getTemplateBottom());
%>

